package com.baizhi.springbootshiro.realm;

import com.baizhi.springbootshiro.entity.Perms;
import com.baizhi.springbootshiro.entity.Role;
import com.baizhi.springbootshiro.entity.User;
import com.baizhi.springbootshiro.service.PermsService;
import com.baizhi.springbootshiro.service.RoleService;
import com.baizhi.springbootshiro.service.UserService;
import com.baizhi.springbootshiro.utils.ContextBeanUtils;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;

import java.util.List;

/**
 * @author Administrator
 */
@Slf4j
public class CustomerRealm extends AuthorizingRealm {
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String principal = (String) principalCollection.getPrimaryPrincipal();
        log.info("principal:{}", principal);
        if (StringUtils.isNotEmpty(principal)) {
            //获取roleService实例
            RoleService roleService = ContextBeanUtils.getBean("roleServiceImpl", RoleService.class);
            User user = roleService.getRoles(principal);
            List<Role> roleList = user.getRoleList();
            //获取角色 并赋予该用户角色
            SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            if (!CollectionUtils.isEmpty(roleList)) {
                roleList.forEach(role -> authorizationInfo.addRole(role.getRoleName()));
            }
            //获取到权限集合
            PermsService permsService = ContextBeanUtils.getBean("permsServiceImpl", PermsService.class);
            List<Perms> permsList = permsService.getPermsByRoles(roleList);
            permsList.forEach(perms -> {
                if (!ObjectUtils.isEmpty(perms) && StringUtils.isNotEmpty(perms.getPremsEl())) {
                    authorizationInfo.addStringPermission(perms.getPremsEl());
                }
            });

            return authorizationInfo;
        }
        return null;

    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UserService userService = ContextBeanUtils.getBean("userServiceImpl", UserService.class);
        LambdaQueryWrapper<User> lambdaQueryWrapper = Wrappers.lambdaQuery(User.class);
        lambdaQueryWrapper.eq(User::getUname, authenticationToken.getPrincipal());
        User user = userService.getOne(lambdaQueryWrapper);
        //认证成功
        lambdaQueryWrapper.clear();
        if (!ObjectUtils.isEmpty(user)) {
            SimpleAuthenticationInfo authenticationInfo =
                    new SimpleAuthenticationInfo
                            (user.getUname(), user.getPwd(), ByteSource.Util.bytes(user.getSalt()), this.getName());
            log.info("authentication success :{}", user.toString());
            return authenticationInfo;
        }
        return null;
    }

}
